漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An exploitable command execution vulnerability exists in the ASN1 certificate writing functionality of Openweave-core version 4.0.2. A specially crafted weave certificate can trigger a heap-based buffer overflow, resulting in code execution. An attacker can craft a weave certificate to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
Openweave-core 缓冲区错误漏洞
Vulnerability Description
Openweave-core是一个家庭局域网应用协议栈,它主要用于控制路径和数据路径消息传递的异步、对称、设备到设备和设备到云的通信。 Openweave-core 4.0.2版本中的ASN1证书书写功能存在缓冲区错误漏洞。攻击者可借助特制的weave证书利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A